<%@page import="java.sql.*" %>
<%@page import="dao.AccesoBD" %>
<%
	String login = request.getParameter("login");
	String password = request.getParameter("password");
	out.println("login->" + login);
	out.println("password->" + password);
	AccesoBD abd = new AccesoBD();
	Connection c = abd.conectar();
	PreparedStatement stmt = c.prepareStatement("select password from usuarios where username=?");
	stmt.setString(1, login);
	ResultSet rs = stmt.executeQuery();
	if (rs.next()) {
		String passwordBD = rs.getString(1);
		abd.cerrarConexion();
		if (password.equals(passwordBD)) {
			session.setAttribute("login", login);
			response.sendRedirect("welcome.jsp");
		} else {
			response.sendRedirect("error.jsp?error=2");
		}
	} else {
		abd.cerrarConexion();
		response.sendRedirect("error.jsp?error=1");
	}
	
%>